"Intranet,  Internet,  and  Cloud 
Computing:  Identifying  Weak  Spots  In 
Our  Technological  Infrastructure" 


Dr.  Eugene  W.P.  Bingue 
Naval  Computer  and 
Telecommunications  Area 
Master  Station  Pacific 
{NCTAMS  PAC) 

euqene.binque@navv.mil 


Dr.  David  A.  Cook 

Stephen  F.  Austin 
State  University 


cookda@sfasu.edu 


I  HIKED  A  CONSULTANT 

e 

s 

BLAH  BLAH  CLOUD. 

nS 

c 

□1 

Ik. 

IT'S  AS  IF  YOUUE  A 

TO  HELP  US  EVOLVE  OUK 

e 

BLAH  BLAH  CLOUD.  1 

s 

a 

TECHNOLOGIST  AND 

PRODUCTS  TO  CLOUD 

§ 

BLAH  BLAH  CLOUD. 

A  PHILOSOPHER  ALL 

COmuTING. 

J 

BLAH  BLAH  CLOUD. 

Q 

■»!. 

ii 

£ 

E 

m 

■n 

1  j  ,  IN  ONEl 

U/ 

.  BLAH  BLAH  — p 

2 

< 

PLATFOKrA.  il 

il4  ^ 

1 

1 

« 

I 

Form  Approved 
0MB  No.  0704-0188 


Report  Documentation  Page 


Public  reporting  burden  for  the  collection  of  information  is  estimated  to  average  1  hour  per  response,  including  the  time  for  reviewing  instructions,  searching  existing  data  sources,  gathering  and 
maintaining  the  data  needed,  and  completing  and  reviewing  the  collection  of  information.  Send  comments  regarding  this  burden  estimate  or  any  other  aspect  of  this  collection  of  information, 
including  suggestions  for  reducing  this  burden,  to  Washington  Headquarters  Services,  Directorate  for  Information  Operations  and  Reports,  1215  Jefferson  Davis  Highway,  Suite  1204,  Arlington 
VA  22202-4302.  Respondents  should  be  aware  that  notwithstanding  any  other  provision  of  law,  no  person  shall  be  subject  to  a  penalty  for  failing  to  comply  with  a  collection  of  information  if  it 
does  not  display  a  currently  valid  0MB  control  number. 
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Objectives 

>Define  the  Cloud 
>Why  Now 

>Technological  Limitations 


>Towards  a  DoD  Cloud 


IF  WE  rMGFLATE  OUP. 
ENTERPRISE  APPLICA¬ 
TIONS  TO  THE  WEB, 
AND  OUTSOURCE  OUR 
SALES  AND  PRODUCT 
DEVELOPMENT.  .  . 
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THE  ENTIRE  COMPANY 
CAN  BE  MANAGED  BY 
ONE  MONKEY. 
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PLUS  A  SECOND 
MONKEY  TO  LOOK  AT 
THE  POWERPOINT 
SLIDES  FROM  THE 
FIRST  MONKEY. 
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Computing  Technological 


Intranet 


Int 


Define  the  Cloud 


Cloud  computing  refers  to  the  provision  of 
computational  resources  on  demand  via  a 

computer  network. 


Is  the  Cloud  a  Panacea? 
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Not  a  Panacea  -  but  a  new  tool  we 
need  in  the  Bat  Utility  Belt! 
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Define  the  Cloud  M 

National  Institute  of  Standards  of  Technology  (NIST) 

NIST  five  essential  characteristics  of  the  cloud 

are  that  it  offers: 

•  On  demand  self-service  that  allows  consumers 
to  unilaterally  provision  computing  capabilities 
without  human  interaction  with  the  service 
provider, 

•  Broad  network  access,  meaning  that  capabilities 
are  available  over  a  network  and  can  be  accessed 
by  heterogeneous  platforms,  i.e.,  not  just  a 
dedicated  thin  client. 
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Define  the  Cloud  M 

National  Institute  of  Standards  of  Technology  (NIST) 


(cont) 

•  Resource  pooling  such  that  different  physical 
and  virtual  resources  get  dynamically  assigned 
and  reassigned  according  to  consumer  demand  in 
a  multi-tenant  model. 

•  Rapid  elasticity  so  that  to  the  consumer, 
available  capabilities  often  appear  to  be  unlimited 
and  can  be  purchased  in  any  quantity  at  any  time. 

•  Measured  service  allowing  usage  it  be 
monitored,  controlled  and  reported  and 
automatically  controlled  and  optimized. 
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NIST  says  cloud  service  models 
exist  in  three  varieties: 


*  Cloud  software  as  a  service,  in  which  applications  run  on  a 
cloud  but  user  doesn't  provision  or  modify  cloud  service  (or 
even  application  capabilities)  apart  from  limited  user-specific 
configuration  settings. 

*  Cloud  platform  as  a  service,  in  which  users  utilize  cloud- 
provided  programming  tools  to  deploy  applications  without 
controlling  most  of  the  underlying  infrastructure  (possible 
exception  -  the  application  hosting  environment  configuration) 

*  Cloud  infrastructure  as  a  service  -  might  be  termed  the 
whole  nine  yards  of  cloud  computing,  except  that  NIST  would 
never  be  so  colloquial.  User  has  control  over  operating 
systems,  storage,  deployed  applications,  and  possibly  limited 
control  of  select  networking  components  (e.g.,  host  firewalls)  of 
cloud  environment  available  to  the  user  via  the  network. 
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NIST  also  says  there  are  four 
deployment  models:  * 

A  private  cloud  in  which  the  cloud  infrastructure  is 
utilized  by  just  one  organization,  though  not 
necessarily  operated  by  that  one  organization. 

A  community  cloud  whereby  several  organizations 
with  common  concerns  share  a  cloud. 

The  public  cloud  provided  by  the  private  sector  for  all 
users  (NIST  doesn't  say  this,  but  it  seems  to  believe 
this  consists  entirely  of  Amazon  Web  Services). 

A  hybrid  cloud  in  which  two  or  more  cloud  types  are 
discrete  but  networked  together  such  that  a  burst  of 
activity  beyond  the  capabilities  of  one  cloud  is  shifted 
for  processing  to  another. 
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The  Cloud  must  support  the  Data  & 

Security  Triad 
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From  another  dimension  -  adding 

Usability  and  InfoSec 


Cost 


Ej^nctionalitv 


Time 


Security 


Confidentiality 


Functionality 


Ease  of  use  Integrity 
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r^OROAC,  THE  PREVENTEPs 
OF  INFORr^ATION 
SERVICE 
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15  NO  GOOD  BECAUSE 
STRANGERS  UJOULD 
HAVE  ACCESS 
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I  TRUST  ENCRYPTION  ^ 
UJAY  hORE  THAN  I  i| 

TRUST  5POCK -EARED 
SOCIOPATHS.  !? 


UHEN  YOU  f^ENTION 
A  PERSONS  EARS,  HE 
WONT  LISTEN  TO  THE 


REST  OF  YOUR 


•  Data  Security  is  NOT  an  issue  in  the  cloud  UNLESS 
your  IT  folks  are  careless  or  clueless. 


•  There  are  adequate  methods  to  ensure  reasonable 
security,  using  off-the-shelf  encryption/decryption 
methodology. 


•  The  secret  is  to  do  the  security  at  YOUR  end,  and 
only  trust  a  private  cloud  that  is  under  your  total 


control 
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Availability  -  Technological  Limitations 

The  Achilles'  heel  of  cloud  computing  is  "the  network". 

One  can  easily  build  a  data  center  with  thousands  of 
compute  and  storage  nodes,  but  when  it  comes  to  network  it 
doesn't  scale  that  easily.  It  is  also  very  costly  to  proyide 
"always-on",  high-bandwidth  connection  to  millions  of  users 
accessing  the  cloud  oyer  the  Internet. 

Pradeep  Padala,  Researcher,  DOCOMO  Labs 


Advantages  &  Limitations  of  Cloud  Storage 

Compared  with  a  local  operation,  it  takes 
a  long  time  to  pull  data  from  the  cloud  and 
serye  it  back  to  a  client. 
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Cloud  data  transfer 


If  you  are  using  many  large 
files,  be  aware  that  you  will 
probably  have  to  set 
"throttle  limits"  on 
upload/download,  to 
prevent  other  users  from 
experiencing  network  delays 


EMAIL  non 


If  the  file  is  a  large  database  (with  indexing)  - 
potentially  large  file  segments  will  need  to  be  local. 
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DoD  Cloud 


DoD  Cloud  computing  -  the  provisioning  of 
computational  and  information  resources  on 
demand  via  the  Global  Ring. 
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Why  Now?  Because  we  need  it! 

In  the  past  20  years  DoD  has  had  major  engagements 
with  Mother  Nature  -  and  has  always  lost! 


THE  JUNE  1991  ERUPTION  OF  MOUNT  PINATUBO,  PHILIPPINES 


Why  Now?  Because  we  now  can! 

Hurricane  Andrew  in  August  1992 
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Hurricane  Katrina,  Keesler  AFB,  2005 
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Japan's  Quake-Tsunami  March  2011 
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Why  Now?  We  need  to  be 

PROACTIVE,  not  REACTIVE! 

Japan's  Quake-Tsunami  March  2011 


Enterprise  Network  have  centralized  Network  management  and 
services. 

-  Reduce  operating  cost 

-  Sites  only  have  “touch  labor”  to  repair  machines 

What  happens  to  the  network  if  we  are 
forced  to  evacuate  the  Theater 
Network  Operation  Security  Cente^ 
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Japan's  Quake-Tsunami  March  2011 


Moving  the  Enterprise  Network  to  a  cioud  environment 

-  Each  node  mirrors  each  other 

-  Node  seiection  is  base  on  network  ioad 

-  Network  management  and  services  virtuaiized. 

-  increased  operating  cost 

-  Offset  by  using  iimited  resources  to  focus  on  operations, 
not  on  support 

-  Sites  oniy  h. 


-  No  iocai 
IT  staff. 
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labor  to  rep 
equipment. 
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Integrity  and  Availability 

Frequent  network  failures  common 
Security  takes  computational  time 
Autonomous  operation  is  desirable 


-  Caching  and  Syncing 

Asynchronous  &  spool-oriented 
application  desirable 

—  Mail,  Printing,  Web  browsing 

Need  disconnected  file  systems 

Need  to  be  able  to  handle 
heterogeneous  networks  and 
heterogeneous  computers 
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Natural  Evolution  of  Computing 


More 

Flexible 

Resource 

Usage 


Appliance 

Mobile  Computing 
LANs  +  WSs 


Networking 


Timesharing 


Batch 


Single  User 
OS 


Freedom  from  Collocation  &  Freedom  of  Collaboration 
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Convergence 


Cloud  -  Core  Technology 
Virtual  -  Enabling  Technology 
Al  Computer  Security  --  Enabling  Technology 
Desktop  Appliance  -  Thin  Ciient,  with  no  or 
limited  permanent  storage 
Computing  as  a  tool  -  you  won’t  even  know 
you  are  using  a  computer 
Data  Management 
Knowledge  Management 
Sky  net?? 
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Personal  Computing  is  Dead 

..and  it  has  been  for  years 

When  is  the  last  time  you  really  only  used  YOUR 
PC  and  ONLY  YOUR  RESOURCES???? 

It  died  -  and  you  never  even  noticed!!!! 
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DoD  Hardened  Nodes 

Build  a  Hardened  Cloud  supporting  all  DoD  assists 


Start  with  SIPR 
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To  Sum  it  up 


•  Know  what  you  need 

•  Remember  CIA 


Be  Proactive,  not  Reactive.  Plan  for  the 
future,  because  it's  coming  full  speed! 


LET'S  IIAPLEMiENT 
CLOUD  COMPUTING  50 
I  HAVE  SOr^ETKING  TO 
TALK  ABOUT  AT  THE 
EXECUTIVE  rAEETING. 


tell  THEfA  LJETlE 
EVALUATING  IT  THAT 
UJAY  NEITHER  OF  US 
NEEDS  TO  DO  ANY 
REAL  WORK 


1  LIKE 
IT  UJHEN 
YOU  DO 
REAL 
UJORK. 


SORRY,  I 
THOUGHT 
YOU  LJERE 
LEADING  BY 


EXAfAPLE-  ^ 
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Global  Havlr 


platoon 


MAGB 


NCC 


Army  Deploys  First  DoD  Tactical  Cloud  Computing  Node 

Apr.  4  2011  Col.  Charles  Wells,  project  manager  of  the  Distributed  Common 
Ground  System-Army  (DCGS-A),  told  Defense  Systems  magazine  today  that 
DCGS-A  Version  3  represents  the  Defense  Department’s  first  tactical  cloud 
computing  node.  Called  the  Griffin  software  build,  this  capability  is  in  response 
to  a  joint  urgent  operational  need  from  Army  Maj.  Gen.  Michael  Flynn. 

DCGS-A  Operational  Concepts 
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Mahalo 

and 

All  y'all  have  a  good  day! 

Dave  -  cookda@sfasu.edu 
Gene  -  euqene.bingue@navv.nnil 


I  UftS  HOLDING  A 
VIRTUAL  hEETING 
USING  THE  CLOUD 
RND. . . 
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YOU'RE  ALREADY  DEAD 
AND  YOU  DONT  KNOU 
IT. 
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AND  YET  YOUR  SOUL 
HAD  A  I^EETING  IN  A 
CLOUD.  INTERESTING. 
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